A subscriber authentication module or a subscriber identification/identity module (SIM) stores subscriber information, such as the service-subscriber key (IMSI), to identify a subscriber on a mobile terminal, such as a mobile phone or a metering application. Use of SIM cards is usually mandatory for participating in mobile communication networks, such as a second generation (2G) or third generation (3G) network, through a mobile terminal.
The equivalent of a SIM in UMTS is called the Universal Integrated Circuit Card (UICC), which usually runs a Universal Subscriber Identity Module (USIM) application. Another equivalent is the Removable User Identity Module (R-UIM) that is more often used in Code Division Multiple Access—(CDMA)-based devices. For covering all sorts of subscriber identification/authentication modules, the terms “authentication module” or “SIM” are used in the following.
When a mobile terminal starts up, it obtains the international mobile subscriber identity (IMSI) from the authentication module and passes this identity to a mobile operator/to a network entity of a communication network, requesting access and authentication. The mobile terminal may have to pass a PIN to the authentication module before the authentication module will reveal this identity. The mobile operator/network entity checks the request and a complex authentication process begins. In the outcome, if the authentication process succeeds, the mobile terminal is assigned an authentication key by the mobile operator, which allows the mobile terminal to encrypt all further communication between the mobile terminal and the communication network.
The specification of U.S. Pat. No. 6,741,852 B1 describes a method and a device to authenticate subscribers in a mobile radiotelephone system. It is described that the subscriber firstly initializes an authentication entity by executing several times an authentication algorithm involving stored subscriber-specific data components and by storing the corresponding response parameters of the subscribers-specific data components in a memory. A systematic authentication of the subscriber is made possible by the authentication parameters stored in the memory since the authentication entity can always refer back to the response parameters of the individual subscriber module it already knows.
A change or a replacement of an authentication module within a mobile terminal involves some technical challenges, in particular with respect to the authentication process, if operation of the mobile terminal is not to be interrupted.